cascadiasolutions.ca Open in urlscan Pro
2606:4700:3030::6815:459a  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login-image-password.php Show response cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/	8 KB 3 KB	1347ms 1205ms	Document text/html	2606:4700:3030::6815:459a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:459a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f412df0f8c8cab87bdf4d5f0d41a869f9818b4ec60aa5b6c548a5adda45a9ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 75396218cec54bb8-YUL content-encoding br content-type text/html; charset=UTF-8 date Sun, 02 Oct 2022 00:39:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEK2TOFLkT7rHJSJbv%2Fuc1AmN6elYLjyvtOFszOt3IqdvxhEgLExvzXXWTOLa2XUydrAtGzlvq3fhPrpFnnw%2Bvm6%2FxC5ex%2BZQ1%2BDOBaJ4UxqoFOcAamgAyeWQxN7WJACdRk6zhIYtjV2lVFvmibRb6Pisw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block
GET H/1.1	200 OK	ub-main.css ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/	21 KB 8 KB	588ms 375ms	Stylesheet text/css	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-main.css?akusa_rev=4661 Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash a6b94488693950651d0529e4f968e21a333af9e121ba2088d19f1b0cb92e370a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:54 GMT X-Permitted-Cross-Domain-Policies none Content-Encoding gzip Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=100
GET H/1.1	200 OK	ub-login-new.css ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/	8 KB 4 KB	585ms 372ms	Stylesheet text/css	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?akusa_rev=4661 Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash f9d3f2498ba008a3eae2c43f5e83321fff0b2dfc4743bd2e56b6f3bcf716436f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:54 GMT X-Permitted-Cross-Domain-Policies none Content-Encoding gzip Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=100
GET H/1.1	200 OK	common_functions.js Show response ultrabranch3.alaskausa.org/efs/efs/jslibrary/	8 KB 3 KB	588ms 347ms	Script application/x-javascript	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://ultrabranch3.alaskausa.org/efs/efs/jslibrary/common_functions.js Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 990e387806872b7606ecf7211145356f5b6321fe6ff53e4ad3301b0373b1ceaa Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:54 GMT X-Permitted-Cross-Domain-Policies none Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=100 Content-Length 2278
GET H/1.1	200 OK	akusafcu_logo.png ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/	16 KB 17 KB	113ms 113ms	Image image/png	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/akusafcu_logo.png Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash a3941d5f3a221368776c19f01fef5fdcff8825460e416580fc809dbdd83972cc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:52 GMT X-Permitted-Cross-Domain-Policies none Content-Encoding gzip Vary Accept-Encoding Content-Type text/plain Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=99 Content-Length 16729
GET H/1.1	200 OK	scenic-rainier.jpg ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/security/	51 KB 52 KB	187ms 186ms	Image image/jpeg	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/security/scenic-rainier.jpg Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 8bb7703d329faf6ba1328efeff2afc42c2ae79c4faa8e8a27819049930899602 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:52 GMT X-Permitted-Cross-Domain-Policies none Content-Type image/jpeg Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=99 Content-Length 52068
GET H/1.1	200 OK	logo-ehl-tri.gif ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/	2 KB 3 KB	104ms 104ms	Image image/gif	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/logo-ehl-tri.gif? Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash e9d50b964802b2bb60004481eb67394bd994ba4c6f8a67e3ded7574ef58fcfc2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:23:36 GMT X-Permitted-Cross-Domain-Policies none Content-Type image/gif Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=99 Content-Length 2358
GET H/1.1	200 OK	logo-ncua.gif ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/	4 KB 5 KB	312ms 258ms	Image image/gif	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/logo-ncua.gif? Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash dcfdce79105743aeda2d194642ba6c291664dd193002cf0e761762896af7ac08 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:52 GMT X-Permitted-Cross-Domain-Policies none Content-Type image/gif Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=100 Content-Length 4343
GET H/1.1	200 OK	ub-print.css ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/	3 KB 3 KB	215ms 110ms	Stylesheet text/css	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-print.css?akusa_rev=4661 Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash ae0a9f620731be24cc8c6fc0f2cc46e789f276f497e96ad92734bd7facd2f9e8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:54 GMT X-Permitted-Cross-Domain-Policies none Content-Encoding gzip Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=98
GET H/1.1	200 OK	header_bg.png ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/	8 KB 9 KB	326ms 258ms	Image image/png	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/header_bg.png? Requested by Host: ultrabranch3.alaskausa.org URL: https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?akusa_rev=4661 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?akusa_rev=4661 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:23:36 GMT X-Permitted-Cross-Domain-Policies none Content-Encoding gzip Vary Accept-Encoding Content-Type text/plain Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=100 Content-Length 8091
GET H/1.1	200 OK	pgMainEdge.png www.alaskausa.org/css/nav/	960 B 1 KB	637ms 432ms	Image image/png	107.162.171.161 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.alaskausa.org/css/nav/pgMainEdge.png Requested by Host: cascadiasolutions.ca URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/login-image-password.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 1fb28d9c14ec42912599df0f34b14c6e6f996084ca13e06bb11dcb4c9459ed34 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://cascadiasolutions.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:56 GMT Via 1.1 dca1-bit9045 X-Content-Type-Options nosniff Last-Modified Wed, 28 Sep 2022 02:43:58 GMT ETag "51dba928e4d2d81:0" X-Frame-Options DENY Vary Accept-Encoding Content-Type image/png Accept-Ranges bytes Content-Length 960 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	bullet-right.png ultrabranch3.alaskausa.org/efs/images/	154 B 1 KB	299ms 263ms	Image image/png	107.162.174.74 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ultrabranch3.alaskausa.org/efs/images/bullet-right.png Requested by Host: ultrabranch3.alaskausa.org URL: https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?akusa_rev=4661 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.174.74 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 70a46f91c5948576ac320802ed148ed967757b8391f9b3e958c2dcbe1f333d14 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?akusa_rev=4661 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 00:39:51 GMT Strict-Transport-Security max-age=31536000 Via 1.1 dca1-bit12027 Last-Modified Thu, 18 Aug 2022 06:31:58 GMT X-Permitted-Cross-Domain-Policies none Vary Accept-Encoding Content-Type text/plain Content-Language en-US Connection Keep-Alive Keep-Alive timeout=10, max=100 Content-Length 154

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| isBlank function| isValidMask function| trimSpaces function| isNum function| hasInvalidChar function| isInvalidChar function| hasInvalidCharBeneficiary function| isInvalidCharBeneficiary function| isChar function| isNumOrChar function| stripChars function| isLength function| parseString function| isAllNums function| stripSpaces function| containsInvalidChar function| isItInvalidChar function| showNote function| toggleTree function| toggleNote function| Initialize function| ProcessForm function| DoSubmit

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cascadiasolutions.ca
ultrabranch3.alaskausa.org
www.alaskausa.org
107.162.171.161
107.162.174.74
2606:4700:3030::6815:459a
1fb28d9c14ec42912599df0f34b14c6e6f996084ca13e06bb11dcb4c9459ed34
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
6f412df0f8c8cab87bdf4d5f0d41a869f9818b4ec60aa5b6c548a5adda45a9ab
70a46f91c5948576ac320802ed148ed967757b8391f9b3e958c2dcbe1f333d14
8bb7703d329faf6ba1328efeff2afc42c2ae79c4faa8e8a27819049930899602
990e387806872b7606ecf7211145356f5b6321fe6ff53e4ad3301b0373b1ceaa
a3941d5f3a221368776c19f01fef5fdcff8825460e416580fc809dbdd83972cc
a6b94488693950651d0529e4f968e21a333af9e121ba2088d19f1b0cb92e370a
ae0a9f620731be24cc8c6fc0f2cc46e789f276f497e96ad92734bd7facd2f9e8
dcfdce79105743aeda2d194642ba6c291664dd193002cf0e761762896af7ac08
e9d50b964802b2bb60004481eb67394bd994ba4c6f8a67e3ded7574ef58fcfc2
f9d3f2498ba008a3eae2c43f5e83321fff0b2dfc4743bd2e56b6f3bcf716436f